Prev: Building GLIBC-2.3.5
Next: Problems with lilo on dualboot PC with SATA drives
From: TooManyPutters on 14 Sep 2005 13:31

"Peter T. Breuer" <ptb(a)oboe.it.uc3m.es> wrote in message
news:34nlv2-6sa.ln1(a)news.it.uc3m.es...
> TooManyPutters <RainyDay(a)theswamp.com> wrote:
>> I guess I don't understand that security feature then against the
>> internet.
>> Once I have logged in, haven't I opened it to the outside world?
>> (assuming
>> I have no security features running).
>
> Whatever you are saying sounds like random psychobabble. What is "it"?
> Logging in does nothing except logging in! The point is that if you can
> do it (i.e. logging in) without a password, so can anyone else!
>
> Is that not clear? If not, ask how you can remove your front door so that
> you don't have to fumble for a key any more!
>
>
> Peter

Well Peter, thanks for your input. I'm crazy. I speaketh in psychobabble.
I will continue to watch with interest your input to others that have
questions about Linux.


From: dave stanton on 14 Sep 2005 13:31

> I guess I don't understand that security feature then against the internet.
> Once I have logged in, haven't I opened it to the outside world? (assuming
> I have no security features running).

No you dont understand, but do it and wait for someone to take over your
pc for a DOS attack and see what your ISP will think of not having even
basic security.

Dave
From: local-leafnode on 14 Sep 2005 16:41
TooManyPutters wrote:
> Using Ubuntu 5.04. How do I bypass the login and password screen? Or at
> least automate it?
>
Depends on the login manager. For kdm (KDE login manager):
kcontrol -> System Administration -> Login Manager -> Convenience
Goto Administrator Mode and switch on auto-login.

For gdm (Gnome login manager):
gdmconfig

And don't get confused by people talking about terrible security risks.
Of course auto-login is dangerous if other people have physical access
to your computer, but usually has nothing to do with network access to
your computer.

kind regards
Thorsten M.


From: Nico Kadel-Garcia on 15 Sep 2005 07:13

"TooManyPutters" <RainyDay(a)TheSwamp.com> wrote in message
news:H7ZVe.7036$WW6.601186(a)twister.southeast.rr.com...
>
> "Peter T. Breuer" <ptb(a)oboe.it.uc3m.es> wrote in message
> news:34nlv2-6sa.ln1(a)news.it.uc3m.es...
>> TooManyPutters <RainyDay(a)theswamp.com> wrote:
>>> I guess I don't understand that security feature then against the
>>> internet.
>>> Once I have logged in, haven't I opened it to the outside world?
>>> (assuming
>>> I have no security features running).
>>
>> Whatever you are saying sounds like random psychobabble. What is "it"?
>> Logging in does nothing except logging in! The point is that if you can
>> do it (i.e. logging in) without a password, so can anyone else!
>>
>> Is that not clear? If not, ask how you can remove your front door so that
>> you don't have to fumble for a key any more!
>>
>>
>> Peter
>
> Well Peter, thanks for your input. I'm crazy. I speaketh in
> psychobabble. I will continue to watch with interest your input to others
> that have questions about Linux.

Friend, *IGNORE* Peter. He likes to pretend that his "advice" has any use
whatsoever, as he insults the newbies and helps drive people away from
Linux.

A login that has no password, once you've created it, means that any
services on that machine reachable from outside that should require a
password, don't. Things like the SSH shell for logging into the machine
remotely, FTP, EMAP or POP mail access, etc. may all be vulnerable to
someone guessing your username from your email or simply randomly guessing
your username and logging in as you and abusing your system.

Those services may not be turned on: they may be blocked by a firewall: you
could have the machine unplugged from the net. But really, do you want
anyone who walks by your machine to be able to log into it as you? Or for an
email spammer to log into your machine remotely and use it to send Viagra
spam?

Now, that login access doesn't automatically get you "root" control or
absolute control of the machine. But such a machine with a limited, guest
autologin could be used for public terminal or test machine. If you need to
do something like that, I really urge you to have it behind a firewall and
turn off all incoming services for that user in particular.


From: Peter T. Breuer on 15 Sep 2005 07:37
Nico Kadel-Garcia <nkadel(a)comcast.net> wrote:
> "TooManyPutters" <RainyDay(a)TheSwamp.com> wrote in message news:H7ZVe.7036$WW6.601186(a)twister.southeast.rr.com...
>> PTB wrote
>>> Is that not clear? If not, ask how you can remove your front door so that
>>> you don't have to fumble for a key any more!

> Friend, *IGNORE* Peter. He likes to pretend that his "advice" has any use
> whatsoever, as he insults the newbies and helps drive people away from
> Linux.

Would you mind getting back in your box. Thanks.

Peter
First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: Building GLIBC-2.3.5
Next: Problems with lilo on dualboot PC with SATA drives